smtp-relay/master.cf

# Postfix master process configuration
# service  type  private  unpriv  chroot  wakeup  maxproc  command + args

# Port 25 — SMTP (TLS optional, SASL required to relay)
smtp       inet  n        -       y       -       -        smtpd

# Port 587 — Submission (TLS required, SASL required)
submission inet  n        -       y       -       -        smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_tls_auth_only=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_tls_loglevel=1

pickup     unix  n        -       y       60      1        pickup
cleanup    unix  n        -       y       -       0        cleanup
qmgr       unix  n        -       n       300     1        qmgr
rewrite    unix  -        -       y       -       -        trivial-rewrite
bounce     unix  -        -       y       -       0        bounce
defer      unix  -        -       y       -       0        bounce
trace      unix  -        -       y       -       0        bounce
verify     unix  -        -       y       -       1        verify
flush      unix  n        -       y       1000?   0        flush
proxymap   unix  -        -       n       -       -        proxymap
proxywrite unix  -        -       n       -       1        proxymap
smtp       unix  -        -       y       -       -        smtp
relay      unix  -        -       y       -       -        smtp
showq      unix  n        -       y       -       -        showq
error      unix  -        -       y       -       -        error
retry      unix  -        -       y       -       -        error
discard    unix  -        -       y       -       -        discard
local      unix  -        n       n       -       -        local
virtual    unix  -        n       n       -       -        virtual
lmtp       unix  -        -       y       -       -        lmtp
anvil      unix  -        -       y       -       1        anvil
scache     unix  -        -       y       -       1        scache